| Summary: | app-admin/sleuthkit-1.69 ebuild request | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Daniel Webert <rockoo> |
| Component: | New packages | Assignee: | Daniel Black (RETIRED) <dragonheart> |
| Status: | VERIFIED TEST-REQUEST | ||
| Severity: | enhancement | CC: | alpha, amd64, lsmod |
| Priority: | High | Keywords: | EBUILD |
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | All | ||
| URL: | http://packages.debian.org/unstable/admin/sleuthkit | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | |||
| Bug Blocks: | 47097 | ||
| Attachments: | sleuthkit-1.69.ebuild | ||
|
Description
Daniel Webert
2004-04-07 07:37:18 UTC
Daniel wanna try this ebuild too ? Created attachment 30200 [details]
sleuthkit-1.69.ebuild
ACK! Sleuthkit and Autopsy were obviously not made for distros. >.<
Committed to cvs. Arch test requested - debian lists this package as unstable on all archs/ http://packages.debian.org/unstable/admin/sleuthkit It builds on sparc, installs without disturbing anything, and the programs seem to run, so I'll mark it ~sparc. I'm not sure how to go about testing it, though. Installs on s390 bump to 1.69, which is what i put my ebuild in as. version bumped to 1.69. Thanks Daniel. Appoligies for the oversight - good ebuild btw. >good ebuild btw.
Thanks! I feel special now. =D
*** Bug 50222 has been marked as a duplicate of this bug. *** can not connect w/ autopsy-2.0 to sleuthkit-1.69 ... 1.68 works fine (x86) <snip> ERROR: Sleuth Kit file executable missing </snap> portion of sleuthkit-1.68 makefile:
no-perl:
cd src/misc; make "CC=$(CC)" MAKELEVEL=
cd src/hashtools; make "CC=$(CC)" MAKELEVEL=
cd src/fstools; make "CC=$(CC)" MAKELEVEL=
cd src/mmtools; make "CC=$(CC)" MAKELEVEL=
cd src/file; CC="$(CC)" sh ./install
same portion of sleuthkit-1.69 makefile:
no-perl:
cd src/misc; make "CC=$(CC)" MAKELEVEL=
cd src/hashtools; make "CC=$(CC)" MAKELEVEL=
cd src/fstools; make "CC=$(CC)" MAKELEVEL=
cd src/mmtools; make "CC=$(CC)" MAKELEVEL=
The sleuthkit guys took 'file' out 'no-perl'. My ebuild was made for 1.69 so it screwed up when using 1.68.
Add sys-apps/file to sleuthkit-1.69 and get everyone who emerge'd sleuthkit-1.68 to update and re-emerge sys-apps/file.
Ok - removed version 1.68.
I added sys-apps/file as a runtime dependancy of autopsy-2.00.
sys-apps/file isn't a depend on sleuthkit so I'm not going to put it there to fix the previous version. Looking at:
$ qpkg -f -v /usr/bin/file
app-arch/file-roller-2.4.4-r2 *
gnome-base/control-center-1.4.0.5-r1 *
net-fs/coda-6.0.3 *
sys-apps/file-4.06 *
this isn't the only overwriter of "file".
NOTE to peoples here who installed verions 1.68 of sleuthkit - please remerge sys-apps/file.
Test plan for ARCHters:
Step 1:
ils /dev/discs/disc0/part1
This will list inodes of removed files on the partion /dev/discs/disc0/part1
Step 2: Create copy of disk image (suggest /boot or something small)
dd if=/dev/discs/disc0/part1 of=/tmp/image
Step 3: istat test
istat /tmp/image {inodenum from step 1 - first column}
will list metadata about that node.
Please ingore my comments about other packages overwriting /usr/bin/file. This is incorrect and a known qpkg bug #50157 that I based my information off. Marked stable on hppa. |
